// Copyright lowRISC contributors (OpenTitan project).
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0

#include "sw/device/silicon_creator/lib/cert/cert.h"

#include "gtest/gtest.h"
#include "sw/device/lib/base/hardened.h"
#include "sw/device/silicon_creator/lib/error.h"
#include "sw/device/silicon_creator/testing/rom_test.h"

#include "flash_ctrl_regs.h"
#include "hw/top_earlgrey/sw/autogen/top_earlgrey.h"

namespace cert_unittest {
namespace {
using ::testing::_;
using ::testing::Return;
using ::testing::SetArgPointee;

class CertTest : public rom_test::RomTest {
 protected:
  uint8_t expected_sn_bytes_[kCertX509Asn1SerialNumberSizeInBytes] = {
      0x01, 0xB4, 0x17, 0x80, 0x5F, 0x8B, 0x74, 0xAD, 0xEC, 0xE7,
      0xE9, 0xAC, 0x37, 0xCA, 0xBD, 0x33, 0x4C, 0xAA, 0xEB, 0x3D,
  };
  // CDI 0 hexdump from provisioning e2e FPGA test.
  // $ bazel test --test_output=streamed --cache_test_results=no \
  //     //sw/host/provisioning/orchestrator/tests:e2e_emulation_cw340_test
  uint8_t valid_dice_cert_bytes_[2048] = {
      0x30, 0x82, 0x02, 0x3d, 0x30, 0x82, 0x01, 0xe3, 0xa0, 0x03, 0x02, 0x01,
      0x02, 0x02, 0x15, 0x00, 0x81, 0xb4, 0x17, 0x80, 0x5f, 0x8b, 0x74, 0xad,
      0xec, 0xe7, 0xe9, 0xac, 0x37, 0xca, 0xbd, 0x33, 0x4c, 0xaa, 0xeb, 0x3d,
      0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
      0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, 0x04, 0x05, 0x13,
      0x28, 0x38, 0x66, 0x61, 0x31, 0x34, 0x33, 0x36, 0x35, 0x62, 0x62, 0x32,
      0x65, 0x30, 0x36, 0x62, 0x38, 0x38, 0x39, 0x35, 0x38, 0x66, 0x32, 0x65,
      0x61, 0x38, 0x36, 0x65, 0x66, 0x65, 0x64, 0x34, 0x30, 0x65, 0x32, 0x34,
      0x32, 0x64, 0x63, 0x33, 0x62, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31,
      0x38, 0x30, 0x33, 0x32, 0x32, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a,
      0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33,
      0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06,
      0x03, 0x55, 0x04, 0x05, 0x13, 0x28, 0x38, 0x31, 0x62, 0x34, 0x31, 0x37,
      0x38, 0x30, 0x35, 0x66, 0x38, 0x62, 0x37, 0x34, 0x61, 0x64, 0x65, 0x63,
      0x65, 0x37, 0x65, 0x39, 0x61, 0x63, 0x33, 0x37, 0x63, 0x61, 0x62, 0x64,
      0x33, 0x33, 0x34, 0x63, 0x61, 0x61, 0x65, 0x62, 0x33, 0x64, 0x30, 0x59,
      0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06,
      0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
      0x04, 0x7e, 0x6b, 0x24, 0x43, 0x1b, 0x04, 0x1d, 0x98, 0xdb, 0xb8, 0xa0,
      0x53, 0x91, 0x6a, 0xbf, 0xaa, 0xe1, 0x62, 0x33, 0xf9, 0x6e, 0xee, 0x0c,
      0x75, 0x8f, 0x0b, 0x55, 0x98, 0xd6, 0x4f, 0x3f, 0x6e, 0x88, 0xfd, 0xdf,
      0xe7, 0x98, 0x81, 0x03, 0x91, 0x04, 0xd5, 0xa9, 0x09, 0xaf, 0xeb, 0x75,
      0x2a, 0x0c, 0x19, 0x7c, 0x50, 0x02, 0x17, 0xd7, 0x59, 0xf8, 0xfa, 0xcb,
      0x2d, 0xa8, 0x77, 0xe8, 0x33, 0xa3, 0x81, 0xcf, 0x30, 0x81, 0xcc, 0x30,
      0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30,
      0x03, 0x01, 0x01, 0xff, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01,
      0x01, 0xff, 0x04, 0x05, 0x03, 0x03, 0x07, 0x04, 0x00, 0x30, 0x22, 0x06,
      0x03, 0x55, 0x1d, 0x23, 0x01, 0x01, 0x00, 0x04, 0x18, 0x30, 0x16, 0x80,
      0x14, 0x8f, 0xa1, 0x43, 0x65, 0xbb, 0x2e, 0x06, 0xb8, 0x89, 0x58, 0xf2,
      0xea, 0x86, 0xef, 0xed, 0x40, 0xe2, 0x42, 0xdc, 0x3b, 0x30, 0x20, 0x06,
      0x03, 0x55, 0x1d, 0x0e, 0x01, 0x01, 0x00, 0x04, 0x16, 0x04, 0x14, 0x81,
      0xb4, 0x17, 0x80, 0x5f, 0x8b, 0x74, 0xad, 0xec, 0xe7, 0xe9, 0xac, 0x37,
      0xca, 0xbd, 0x33, 0x4c, 0xaa, 0xeb, 0x3d, 0x30, 0x62, 0x06, 0x06, 0x67,
      0x81, 0x05, 0x05, 0x04, 0x01, 0x01, 0x01, 0xff, 0x04, 0x55, 0x30, 0x53,
      0x80, 0x09, 0x4f, 0x70, 0x65, 0x6e, 0x54, 0x69, 0x74, 0x61, 0x6e, 0x81,
      0x07, 0x52, 0x4f, 0x4d, 0x5f, 0x45, 0x58, 0x54, 0x83, 0x05, 0x00, 0x80,
      0x00, 0x00, 0x00, 0x84, 0x01, 0x01, 0xa6, 0x2f, 0x30, 0x2d, 0x06, 0x09,
      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x04, 0x20, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87, 0x02, 0x04, 0x00, 0x30,
      0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03,
      0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x14, 0x95, 0x17, 0xb9, 0xc0, 0xa8,
      0x24, 0x9d, 0x26, 0x4a, 0x71, 0xb9, 0xed, 0x4a, 0x87, 0x99, 0x25, 0x72,
      0xc6, 0x31, 0xf8, 0xce, 0x3e, 0x6b, 0x98, 0x15, 0xec, 0xd7, 0xca, 0x65,
      0xb9, 0x1d, 0x02, 0x21, 0x00, 0x91, 0x10, 0xcd, 0xdf, 0xe3, 0xa8, 0x46,
      0xc2, 0xaf, 0x1c, 0x30, 0xc5, 0x4c, 0x99, 0x6d, 0xae, 0xb8, 0xc8, 0x19,
      0x15, 0x10, 0x3f, 0xe0, 0x64, 0xf0, 0x72, 0x7d, 0x33, 0x93, 0x51, 0x0f,
      0x5d,
  };
  uint32_t expected_cert_size_ =
      ((valid_dice_cert_bytes_[2] << 8) | (valid_dice_cert_bytes_[3])) + 4;
};

TEST_F(CertTest, DecodeSize) {
  EXPECT_EQ(cert_x509_asn1_decode_size_header(valid_dice_cert_bytes_),
            expected_cert_size_);
}

/**
 * Here we test if a flash page has been erased (i.e., is all 1s) but the page
 * has never been provisioned with a certificate.
 */
TEST_F(CertTest, UnprovisionedCert) {
  hardened_bool_t matches = kHardenedBoolFalse;
  uint8_t unprovisioned_cert_bytes[1024];
  memset(unprovisioned_cert_bytes, 0xFF, sizeof(unprovisioned_cert_bytes));
  EXPECT_EQ(
      cert_x509_asn1_check_serial_number((uint8_t *)&unprovisioned_cert_bytes,
                                         sizeof(unprovisioned_cert_bytes),
                                         &expected_sn_bytes_, &matches),
      kErrorOk);
  EXPECT_EQ(matches, kHardenedBoolFalse);
}

TEST_F(CertTest, BadSerialNumberTag) {
  hardened_bool_t matches = kHardenedBoolFalse;
  uint8_t backup =
      valid_dice_cert_bytes_[kCertX509Asn1SerialNumberTagByteOffset];
  valid_dice_cert_bytes_[kCertX509Asn1SerialNumberTagByteOffset] = 0;
  EXPECT_EQ(cert_x509_asn1_check_serial_number(valid_dice_cert_bytes_,
                                               sizeof(valid_dice_cert_bytes_),
                                               &expected_sn_bytes_, &matches),
            kErrorOk);
  EXPECT_EQ(matches, kHardenedBoolFalse);
  valid_dice_cert_bytes_[kCertX509Asn1SerialNumberTagByteOffset] = backup;
}

TEST_F(CertTest, BadSerialNumberLength) {
  hardened_bool_t matches = kHardenedBoolFalse;
  uint8_t backup =
      valid_dice_cert_bytes_[kCertX509Asn1SerialNumberLengthByteOffset];
  valid_dice_cert_bytes_[kCertX509Asn1SerialNumberLengthByteOffset] = 22;
  EXPECT_EQ(cert_x509_asn1_check_serial_number(valid_dice_cert_bytes_,
                                               sizeof(valid_dice_cert_bytes_),
                                               &expected_sn_bytes_, &matches),
            kErrorOk);
  EXPECT_EQ(matches, kHardenedBoolFalse);
  valid_dice_cert_bytes_[kCertX509Asn1SerialNumberLengthByteOffset] = backup;
}

TEST_F(CertTest, CertOutdated) {
  hardened_bool_t matches = kHardenedBoolFalse;
  uint8_t empty_sn[kCertX509Asn1SerialNumberSizeInBytes] = {0};
  EXPECT_EQ(cert_x509_asn1_check_serial_number(valid_dice_cert_bytes_,
                                               sizeof(valid_dice_cert_bytes_),
                                               &empty_sn, &matches),
            kErrorOk);
  EXPECT_EQ(matches, kHardenedBoolFalse);
}

TEST_F(CertTest, CertOutdatedSerialNumberSizeMismatch) {
  hardened_bool_t matches = kHardenedBoolFalse;
  uint8_t old_length =
      valid_dice_cert_bytes_[kCertX509Asn1SerialNumberLengthByteOffset];
  valid_dice_cert_bytes_[kCertX509Asn1SerialNumberLengthByteOffset] = 19;
  EXPECT_EQ(cert_x509_asn1_check_serial_number(valid_dice_cert_bytes_,
                                               sizeof(valid_dice_cert_bytes_),
                                               &expected_sn_bytes_, &matches),
            kErrorOk);
  EXPECT_EQ(matches, kHardenedBoolFalse);
  valid_dice_cert_bytes_[kCertX509Asn1SerialNumberLengthByteOffset] =
      old_length;
}

TEST_F(CertTest, CertValidFullSerialNumber) {
  hardened_bool_t matches = kHardenedBoolFalse;

  // Full length serial number.
  matches = kHardenedBoolFalse;
  EXPECT_EQ(cert_x509_asn1_check_serial_number(valid_dice_cert_bytes_,
                                               sizeof(valid_dice_cert_bytes_),
                                               &expected_sn_bytes_, &matches),
            kErrorOk);
  EXPECT_EQ(matches, kHardenedBoolTrue);
}

}  // namespace
}  // namespace cert_unittest
